Buffer overflow vulnerability in SonicWall SonicOS affects multiple products: Patch immediately

Cybersecurity specialists report the detection of a critical vulnerability in SonicOS, the operating system that runs on the physical and virtual firewalls developed by the technology firm SonicWall. According to the report, successful exploitation of this vulnerability would allow threat actors to execute arbitrary code on affected systems.

Tracked as CVE-2022-22274, the vulnerability exists due to a boundary error in SonicOS, which would allow unauthenticated remote threat actors to send specially crafted HTTP requests, trigger a stack-based buffer overflow, and execute arbitrary code on the affected system.

The vulnerability received a score of 8.5/10 according to the Common Vulnerability Scoring System (CVSS), so it is considered a critical-severity flaw. A successful attack would allow full compromise of affected deployments.

According to the report, the flaw affects the following SonicOS versions and products:

  • SonicOS: 6.5.4.4-44v-21-955 – 7.0.1-R1456
  • TZ270: All versions
  • TZ270W: All versions
  • TZ370: All versions
  • TZ370W: All versions
  • TZ470: All versions
  • TZ470W: All versions
  • TZ570: All versions
  • TZ570W: All versions
  • TZ570P: All versions
  • TZ670: All versions
  • NSa 2700: All versions
  • NSa 3700: All versions
  • NSa 4700: All versions
  • NSa 5700: All versions
  • NSa 6700: All versions
  • NSsp 10700: All versions
  • NSsp 11700: All versions
  • NSsp 13700: All versions
  • NSv 270: All versions
  • NSv 470: All versions
  • NSv 870: All versions
  • NSsp 15700: All versions
  • NSv 10: All versions
  • NSv 25: All versions
  • NSv 50: All versions
  • NSv 100: All versions
  • NSv 200: All versions
  • NSv 300: All versions
  • NSv 400: All versions
  • NSv 800: All versions
  • NSv 1600: All versions

While the vulnerability could be exploited by unauthenticated remote threat actors, no active exploitation attempts have been detected so far. Still, SonicWall recommends that users of affected deployments install the available updates as soon as possible.
